Coming Out of the Closet
Bank Info Security's Tom Field conducted a "state of the security industry" interview with Forrester analyst Jonathan Penn entitled "It's Time to 'Take Security Out of the Closet'." It's a great read and I highly recommend it, though there is one portion regarding data masking and tekenization that I wanted to comment on: There is a lot happening in data security. DLP adoption continues to grow (that is Data Leak Prevention technology), but there are also things happening in database security, data masking and database monitoring. Tokenization is a big issue. Basically trying to make the information that is such a prime target for identity thieves that much more meaningless by turning it into something that isn't directly useable by them. By lumping "data masking" and "tokenization" into the same answer and simply stating, "trying to make the information that is such a prime target for identity thieves that much more meaningless by turning it into something that isn't directly useable by them," might lead to the misconception that they are the same thing. It's important to note that tokenization is a less in-depth measure that is best suited for one-time use for numbers-based databases. Data masking, especially done by DMsuite, is meant for all types of data, can be used and repeated for multiple databases and environments, and can be used for every kind of outsourcing. Overall a good interview with some great insight and a mid-2010 "pulse check."